Command-Jacking: The New Supply Chain Attack Technique

Cybersecurity researchers have discovered that entry points in various programming ecosystems, such as PyPI, npm, Ruby Gems, NuGet, Dart Pub, and Rust Crates, can be exploited for software supply chain attacks.